public HttpResponseMessage PutTodoList(int id, TodoListDto todoListDto)
{
if (!ModelState.IsValid)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState));
}
if (id != todoListDto.TodoListId)
{
return(Request.CreateResponse(HttpStatusCode.BadRequest));
}
TodoList todoList = todoListDto.ToEntity();
if (db.Entry(todoList).Entity.UserId != User.Identity.Name)
{
// Trying to modify a record that does not belong to the user
return(Request.CreateResponse(HttpStatusCode.Unauthorized));
}
db.Entry(todoList).State = EntityState.Modified;
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
return(Request.CreateResponse(HttpStatusCode.InternalServerError));
}
return(Request.CreateResponse(HttpStatusCode.OK));
}
public HttpResponseMessage DeleteTodoList(int id)
{
TodoList todoList = db.TodoLists.Find(id);
if (todoList == null)
{
return(Request.CreateResponse(HttpStatusCode.NotFound));
}
if (db.Entry(todoList).Entity.UserId != User.Identity.Name)
{
// Trying to delete a record that does not belong to the user
return(Request.CreateResponse(HttpStatusCode.Unauthorized));
}
TodoListDto todoListDto = new TodoListDto(todoList);
db.TodoLists.Remove(todoList);
try
{
db.SaveChanges();
}
catch (DbUpdateConcurrencyException)
{
return(Request.CreateResponse(HttpStatusCode.InternalServerError));
}
return(Request.CreateResponse(HttpStatusCode.OK, todoListDto));
}
public HttpResponseMessage PostTodoList(TodoListDto todoListDto)
{
if (!ModelState.IsValid)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState));
}
todoListDto.UserId = User.Identity.Name;
TodoList todoList = todoListDto.ToEntity();
db.TodoLists.Add(todoList);
db.SaveChanges();
todoListDto.TodoListId = todoList.TodoListId;
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Created, todoListDto);
response.Headers.Location = new Uri(Url.Link("DefaultApi", new { id = todoListDto.TodoListId }));
return(response);
}